Epidemiological Research Request -- State and Local Government

Epidemiological Research Request

Current Epidemiological Research Review Information Application and Confidentiality Agreement

Epidemiological Research Request -- State and Local Government

OMB: 0960-0701

Document [pdf]
Download: pdf | pdf
The United States Social Security Administration

Page 1 of 1

Step 1
SEARCH: Epidemiological Research Request

Social Security
Official Social Security Website

<

>

 

  

  

 

Online Services

Retirement Estimator

Check out your Social Security

Whether you are applying for

Calculate your benefits based

Get answers to the questions

Statement and manage your

or receiving benefits, learn

on your actual Social Security

that people most frequently

benefits.

what you can do online.

earnings record.

ask about Social Security.

Items of Interest



Forms



Publications



Application Status



Baby Names



Other Languages

FAQs

News



Social Media Hub

October 17, 2013
President’s Message to Government Employees



Social Security Update

October 1, 2013
President’s Message to Government Employees



Office Closings



Open Government



Contact Us

September 27, 2013
Read Our Agency Shutdown Contingency Plan
August 9, 2013
Statement of Carolyn W. Colvin, Acting Commissioner of Social
Security, on Payments to Same-Sex Couples
May 31, 2013
Social Security Board of Trustees: No Change in Projected Year
of Trust Fund Reserve Depletion
More News

http://www.socialsecurity.gov/

10/23/2013

- U.S. Social Security Administration Search Results

Page 1 of 3

Skip to Main Content

Social Security

FAQs| Login | Contact Us |

The Official Website of the U.S. Social Security Administration

Enter your search term Epidemiological Research Request

Search
Search

30 results
• Advanced Search

http://search.socialsecurity.gov/search?affiliate=ssa&query=Epidemiological+Research+Request

10/23/2013

- U.S. Social Security Administration Search Results

Research, Statistics, & Policy Analysis: Service to ...

Page 2 of 3

Step 2

www.socialsecurity.gov/.../epidemiology.html
You are here: Social Security Online > Research, Statistics, & Policy Analysis > Service to Epidemiological Researchers to
Provide Vital Status Data on Subjects of ...

Master Beneficiary Record, Social Security Administration, Deputy ...
www.socialsecurity.gov/.../60-0090.htm
To entities conducting epidemiological or similar research projects, upon request, ... or is for an epidemiological research
project that ...

Master Files of Social Security Number (SSN) Holders and SSN ...
www.socialsecurity.gov/.../60-0058.htm
the National Institute of Occupational Safety and Health for epidemiological research studies required by the ... office made at
the request of the subject of ...

Recording and Self-Employment Income System, Social Security ...
www.socialsecurity.gov/.../60-0059.htm
To provide information to the National Institute for Occupational Safety and Health for epidemiological research studies ...
research projects, upon request, ...

Supplemental Security Income Record and Special Veterans Benefits ...
www.socialsecurity.gov/.../60-0103.htm
To a congressional office in response to an inquiry from that office made at the request of the ... or is for an epidemiological
research project that ...

Beneficiary, Family, and Household Surveys, Records and Extracts ...
www.socialsecurity.gov/.../60-0211.htm
Records in this system are used to prepare special tabulations on request. ... beneficiaries or is for an epidemiological research
project that relates to ...

Black Lung Payment System, Social Security Administration, Office ...
www.socialsecurity.gov/.../60-0045.htm
To a congressional office in response to an inquiry from that office made at the request of the ... of an epidemiological or similar
research ...

Old Age, Survivors and Disability Beneficiary and Worker Records ...
www.socialsecurity.gov/.../60-0202.htm
To a congressional office in response to an inquiry from that office made at the request of the ... or is for an epidemiological
research project that ...

Completed Determination Record--Continuing Disability ...
www.socialsecurity.gov/.../60-0050.htm
To a congressional office in response to an inquiry from the office made at the request of the ... or is for an epidemiological
research project that ...

Race and Ethnicity Collection System (RECS)
www.socialsecurity.gov/.../60-0104.htm
To the Office of the President in response to an inquiry from that office made at the request of the ... or is for an epidemiological
research project that ...

http://search.socialsecurity.gov/search?affiliate=ssa&query=Epidemiological+Research+Request

10/23/2013

- U.S. Social Security Administration Search Results

Page 3 of 3

Code of Federal Regulations § 401.165 - Social Security
www.socialsecurity.gov/.../401-0165.htm
Statistical and research activities often do not ... or an epidemiological research project that relates ... Where a request for
information for ...

Medicare Database (MDB) File, Social Security Administration ...
www.socialsecurity.gov/.../60-0321.htm
... Is of importance to the Social Security program of the Social Security beneficiaries or is for an epidemiological research
project ... If a request for ...

[PDF] The Development and Use of Industry Data by the Social Security ...
www.socialsecurity.gov/.../v55n4p43.pdf
code were returned with a request that more specific information be provided. This employer correspondence was ...
epidemiological research. In one study,

Social Security 1994 Congressional Record 2
www.socialsecurity.gov/.../94conference.html
Social Security history reports and studies ... [Congressional Record: August 4, 1994] From the Congressional Record Online
via GPO Access [wais.access.gpo.gov]

Social Security Act §1106
www.socialsecurity.gov/.../1106.htm
Research , Policy & Planning ... the request agrees to pay for ... the Commissioner for purposes of epidemiological or similar
research which the Commissioner in ...

[PDF] CONTENTS CONFERENCE REPORT ON H.R. 4277, TO ESTABLISH THE SOCIAL ...
www.socialsecurity.gov/.../94compare.pdf
request of the President, ... Epidemiological research examines specific risk factors (such as exposure to chemical agents or
specific medical

History of SSA-related Legislation - 103rd Congress
www.socialsecurity.gov/.../103.html
... alive or deceased if it is needed for epidemiological or similar research that the HHS Sec. determines has ... to request
voluntary ...

Social Security History
www.socialsecurity.gov/.../cesbookc18.html
... Research Division ... Auxiliary divisions would provide services for the control of preventable diseases including
epidemiology, ... that a request for ...

P.L. 83-591 - Social Security
www.socialsecurity.gov/.../F083-591.html
Any amount paid or incurred for research for, or preparation, planning, or coordination of, any activity described in paragraph
(1) ...

Social Security Act §1181
www.socialsecurity.gov/.../1181.htm
The Institute may also request and obtain data ... have scientific expertise in clinical health sciences research, including
epidemiology, decisions ...
Previous 1 2 Next
▼

http://search.socialsecurity.gov/search?affiliate=ssa&query=Epidemiological+Research+Request

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 1 of 10

Social Security
Official Social Security Website

Service to Epidemiological Researchers to Provide Vital Status Data on
Subjects of Health Research
OMB No. 0960-0701

Summary
Section 311 of the Social Security Independence and Program Improvements Act of 1994 directed the
Social Security Administration (SSA) to provide support to health researchers involved in epidemiological
research. Specifically, when a study is determined to contribute to a national health interest, SSA will
furnish information regarding whether a study subject is shown on the SSA administrative records as
being alive or deceased (vital status). SSA will recoup all expenses incurred in providing this information.
CHANGE TO: Section 1106(d) of the Social Security Act directed the Social Security Administration (SSA)
to provide support to health researchers involved in epidemiological research. Specifically, SSA will furnish
Contacts
information about whether study subjects are shown on SSA records to be alive or deceased pursuant to Section
1106(d), only
Department
of Health
and Humanand
Services finds that the
This service is available
as ofwhen
this SSA
dateinbyconsultation
contactingwith
thethe
Office
of Research,
Evaluation,
research may reasonably be expected to contribute to a national health interest. The requestor must agree to
Statistics (ORES):
reimburse SSA for expenses incurred providing the information and comply with all privacy safeguards.
Social Security Administration
Office of Research, Evaluation, and Statistics
4-C-15 Operations Building
6401 Security Boulevard
Baltimore, MD 21235-6401
Fax: 410-966-4071

In addition, further information about this service is available from the ORES Epidemiological Coordinator
at the above contact points, by e-mail at ORES.Epidemiological.Requests@ssa.gov , or by telephone
CHANGE TO: or by
at 410-966-4868.
telephone at 410-96X-XXXX.
If you mail your request for this service via overnight express mail, please change the building location in
the above address to:
Room 4700 Meadows East Building

CHANGE TO: Historically, SSA had made disclosures of vital status data
under the provisions of the Freedom of Information Act (FOIA, 5 U.S.C. §
552(a)(3)). However, as a result of the Supreme Court decision in United
Supplementary Information
States Department of Justice v. Reporters Committee for Freedom of the
Press, 489 U.S. 749 (1989), SSA discontinued the process of providing such
Background
data. The enactment of Section 1106(d) of the Social Security Act restored the
Historically, SSA had made disclosures of vital status
under
of the
Freedom
of for death data
legal data
authority
for the
SSAprovisions
to release vital
status
data except
Information Act (FOIA, 5 U.S.C. 552(a)(3)). However,
as afrom
result
of the
Supreme
Court
in United
obtained
a state
under
the auspices
of decision
section 205(r)
of the Social
States Department of Justice v. Reporters Committee
for Act.
Freedom
of the Press
749Revenue
(1989), Code (26 U.S.C. §
Security
A companion
change489
to theU.S.
Internal
SSA discontinued the process of providing such data.
The enactment
of section
311return
of the
Social Security
6103(l)(5)(B))
permits SSA
to use tax
information
to determine the
Independence and Program Improvements Act of mortality
1994 restored
legal authority
for SSA to research
releasein accordance
status ofthe
individuals
for epidemiological
vital status data except for death data obtained from
state under
the
withaSection
1106(d)
of auspices
the Act. of section 205(r) of the
Social Security Act. A companion change to the Internal Revenue Code (26 U.S.C. § 6103) permits SSA
to release "presumption of living" data based on reports of earnings obtained from the IRS. Accordingly,
when the research in question has been determined to contribute to a national health interest, SSA will
furnish vital status data on study subjects. The researcher must submit the study subject's Social Security

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 2 of 10

number, full name (first, last, and middle name), date of birth (month, day, century, and year), and sex.
SSA, in turn, will furnish one of the following vital status determinations for each study subject:
• Death information (the date of death and state where a claim was filed, or the state of residence at
the time of death) if available;
• Presumption that the individual is living (there is sufficient information in SSA administrative
records to support this determination); CHANGE TO: SSA program records
• Status unknown (SSA has no record of death, nor sufficient information within the SSA
administrative records to support a determination that the subject is alive);
CHANGE TO: SSA program records
• Social Security number (SSN) verification failed (the SSN and name furnished to SSA did not
match or the date of birth furnished for an SSN/name did not match the information in the SSA
administrative records); or DELETE...DELETE...
DELETE...DELETE..
• The SSN was impossible or DELETE
had never been issued.

No additional information is provided for records that could.DELETE
not be verified.
Privacy Act Statement for Epidemiological Research Requests

The information requested by this application is authorized by the Privacy Act of 1974 (5 U.S.C. 552a),
section 1106 of the Social Security Act (42 U.S.C. 1306), and regulations under title 20 C.F.R. 401.165.
SSA will use the information you provide to document your request for vital status data, to evaluate
whether you meet the criteria required for receipt of the data, and to bill you for the required payments.
DELETE...DELETE...DELETE
Information requested in this format
is voluntary. However, if you do not provide the required information,
we will be unable to process your request. While the information you furnish in this format would almost
never be used for any purpose other than processing your request for epidemiological vital status data,
such information may be disclosed by SSA to facilitate statistical research and audit activities necessary
to ensure the integrity and improvement of programs administered by SSA.

Paperwork Reduction Act (PRA) Statement and OMB Control Number
This information collection meets the requirements of 44 U.S.C. 3507, as amended by section 2 of the
Paperwork Reduction Act of 1995. DELETE...DELETE...DELETE
You do not need to answer these questions unless we display a valid
Office of Management and Budget control number. We estimate that it will take about 120 minutes to read
the instructions, gather the facts, and answer the questions. You may send comments on our time
estimate above to:
SSA
6401 Security
Boulevard
Room
1338 Annex
Building
Baltimore, MD 21235-0001

Application Process
For each request for services, you must cover the following specific areas in separately numbered
paragraphs:
1. Project or study title.
2. Applicant name, full address, phone number, fax number, and e-mail address.
3. Contact individual name (if different than applicant), full address, phone number, fax number, and
e-mail address.
4. Project coordinator name, full address, phone number, fax number, and e-mail address.
5.
a. Name of sponsoring organization or institution supporting the research.
b. Name (and title, if available) of specific person who will sign the agreement and reimburse
SSA for expenses incurred in supplying data.
DELETE c. Employer identification number (Social Security number if not a business).

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 3 of 10

6. Data custodian's name, full address, phone number, fax number, and e-mail address.
7. Attach a one-page summary of the study protocol of the project activities. Include specific
purpose(s) of the research to be undertaken, the outcomes expected, and how your research will
contribute to a national health interest.
8. Estimated number of records you will submit. To protect data from theft or modification, SSA
recommends that requestors encrypt all input files prior to submission. Submitting unencrypted
data to SSA is not recommended and is done at the requestor's own risk.
9. Fully explain how the data provided by SSA will be used. Specify whether the data will be used
only to determine the subjects' vital status or whether it will also be used to obtain death
certificates to determine the causes of death or to obtain additional information from next-of-kin,
physicians, or hospitals.
10. Provide the final disposition of SSA data to include the location of files and full disclosure of who
will have access to the identifying data on the "presumed living" and for how long. In addition to
the staff of the requesting organization, list any "other party" that will receive (or have contractual
or other rights to) any identifying vital status information provided by SSA on the "presumed
living." Note that all organizations that will receive identifying information on the "presumed living"
must become a party to the agreement. All individuals accessing such data must sign a
confidentiality agreement.
11. If applicable, fully explain how the applicant plans to publish or release the research results,
including whether any supporting documentation will be made available in identifiable form on the
"presumed living."
12. Provide a data protection plan describing how you will ensure the confidentiality of the vital status
data supplied by SSA on the "presumed living."
13. Include a statement that the above applicant fully understands that the vital status data obtained
from SSA on the "presumed living" will only be used for the purposes described in this request
and will not be used for administrative or legal purposes.
14. Include a statement that the applicant hereby agrees to ensure the confidentiality of the vital
statistics supplied by SSA on the "presumed living" as described in the data protection plan
(item 12).
15. Applicant's signature.
NOTE: If the applicant indicates that other organizations or individuals will receive identifying SSA vital
status data on the "presumed living," that organization must also be a party (signatory) to the applicant's
memorandum or must submit a separate supporting memorandum. In this supporting documentation,
each third party must indicate (1) their role in the study and the activities they will perform, (2) a data
protection plan describing how they will store the identifying data on the "presumed living" and maintain
the confidentiality of such data, and (3) how and when the identifying data on the "presumed living" will be
destroyed.
An evaluation team comprising staff members from SSA's Office of Research, Evaluation, and Statistics
and the National Center for Health Statistics (NCHS) will review each application for services. The team
will not attempt to determine the scientific merit of the study. It is understood that the merit of the study
has been (or will be) determined by the sponsoring agency and/or the organization performing the study.
The team's purpose will be to reach a consensus that the results of the study could be expected to
advance the public's knowledge in a health area of importance to a segment of the United States
population.
If such a determination is made and the Associate Commissioner for Research, Evaluation, and Statistics
concurs, the applicant will be notified, in writing, of the methods that may be used to submit data on study
subjects, the exact format to be used in submitting this data, and the cost for developing and transmitting
the vital status data from SSA records. The applicant will be required to sign a memorandum of

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 4 of 10

understanding that will delineate his or her responsibilities in the use of the requested vital status data.
The applicant will also be required to sign a contractual agreement to facilitate payment for the service.

CHANGE TO: effective,

The Social Security Administration will recoup all costs (computer program development costs and
December 6, 2013,
ongoing processing costs) associated with this service. The service is currently available at a cost of
$0.21175 per record (data supplied to identify one study subject) up to 25,000 records. Additional records
will be processed at a cost of $0.03905 per record. These rates are subject to change to reflect actual
costs in subsequent years. Form SSA-1235-U5 "Agreement Covering Reimbursable Services" will be
signed by the applicant and an appropriate
SSA representative to formalize the payment process.
DELETE
Nonfederal requesters are required to provide an advance payment of 100 percent of the SSA costs for
this service.
CHANGE TO: establish the financial

Criteria Used to Approve Requests

arrangement between parties

The SSA/NCHS team will use the following criteria in formulating their recommendations for the Associate
Commissioner for Research, Evaluation, and Statistics:
• Use of Data for Statistical Purposes. The request for services should clearly state that the vital
status data supplied will be used to support statistical calculations and/or study findings.
Furthermore, the request must indicate those situations in which the death data furnished will be
used to identify state death records. A request will be disapproved if it proposes to use the vital
status data or state death data obtained from the vital status data for administrative, law
enforcement, or other nonstatistical purposes. The team can suggest that the applicant be given
the opportunity to revise the application to eliminate any nonstatistical uses of the vital status data.
• Disease Registries. Requests from individuals and or groups working with disease registries will be
accepted. By "disease registry" is meant a roster of persons diagnosed and/or treated for a
particular disease and maintained for the purpose of morbidity and/or mortality surveillance without
any specific hypotheses to be examined. Registries usually employ a standardized methodology,
are subject to informal and sometimes formal controls, and may rely on other methods for follow-up
of a majority of the roster. Such registries deserve special considerations. Applicants who propose
to submit a roster of names deriving from such a registry should specify the date the registry was
founded, the purposes of the registry, the eligibility criteria for including persons in the registry, the
provisions for internal and external approval of the registry's quality and methods (including human
subject considerations), and the dates of the last documented internal and/or external reviews.
SSA will generally approve these submissions provided the requests give adequate documentation
of the registries' activities.
Furthermore, registries will not be required to submit separate applications for each study. Multiple
uses of SSA vital status data are permitted provided that (1) each study is solely for statistical
purposes in medical and health research, (2) adequate assurances are given that the
confidentiality of the identifying vital status data on the "presumed living" will be maintained, and
(3) vital status data on the "presumed living" will be kept separate from any administrative records.

CHANGE TO: program

• Mortality Follow-up on Non-Disease Cohorts. Most applicants are required
to submit separate
records
requests for specific studies. However, some organizations conduct mortality surveillance studies
on "non-disease" cohorts such as industrial workers, population samples, and members of
particular families, and the vital status data on those individuals may be used for multiple
epidemiological studies. Such organizations, in essence, are maintaining exposure or other nondisease "registries" that facilitate epidemiological studies of groups with particular experiences.
Such organizations will not be required to submit separate applications to SSA for each study,
although they will be required to describe expected protocols and give specific, current, or future
examples.

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 5 of 10

Multiple uses of vital status data obtained from SSA on the "presumed living" are permitted
provided that (1) each study is solely for statistical purposes in medical or health research,
(2) adequate assurances are given that the confidentiality of the identifying vital status data on the
"presumed living" will be maintained, and (3) vital status data on the "presumed living" will be kept
separate from any administrative records. CHANGE TO: program

records
• Use of Data by a Third Party. If the applicant
indicates that another organization will receive
identifying SSA vital status data on the "presumed living," that organization must be a party to the
original submittal or submit a supporting memorandum. In this supporting documentation the third
party must indicate (1) their role in the study and the activities they will perform, (2) a data
protection plan describing how they will store data and maintain the confidentiality of data on the
"presumed living," and (3) how and when data on the "presumed living" will be destroyed.
• Final Disposition of Data. The applicant must indicate if, how, and when identifiable data on the
"presumed living" furnished in support of a request will be destroyed. If there is no indication that
the identifiable data on the "presumed living" will be destroyed, the individual requesting the vital
status data must explain, in some detail, why the data need to be maintained.

Repeated Use of the Service
Once an applicant is approved to obtain vital status data for a specific study or project, the approval is
valid for 2 years as long as there are no major changes in the project. Additional records may be
submitted under the approved contract for services. If, however, the project specifications change, the
applicant must submit a new request for services. The following is a list of possible occurrences that
would require the submission of a new request for services:
The project will be supported by a new organization;
INSERT: , but not exclusive,
A new organization will be receiving vital status data;
Confidentiality provisions on the "presumed living" have changed;
Provisions for disposing of data on the "presumed living" obtained from this request have changed;
Vital status data on the "presumed living" will be used for legal, administrative, or other actions that
could directly affect particular living individuals or establishments; or
• Changes have been made in the project's research objectives.
•
•
•
•
•

NOTE: The requesting party is required to sign a new Form SSA-1235 for new submissions.

Guidance for Preparing an SSA Data Protection Plan
Introduction
As a potential user of SSA sensitive data, you must submit an SSA Data Protection Plan for each
facility (site) where SSA sensitive data is maintained to the Office of Research, Evaluation, and
Statistics (ORES) for approval. You must specify in your SSA Data Protection Plan(s) how you will keep
SSA data secure and confidential on a variety of media, including magnetic tapes, hard disks and other
fixed magneto-optical media; compact disks, diskettes, and other removable magneto-optical media; and
paper. Use the following Guidance for Preparing an SSA Data Protection Plan to write your SSA Data
Protection Plan. Describe in detail each provision listed (use additional paper (8½ x 11) if needed).
The safeguards shall provide a level and scope of security that is not less than the level and scope of
security established by the Office of Management and Budget (OMB) in OMB Circular No. A-130,
Appendix III—Security of Federal Automated Information Systems which sets forth guidelines for security
plans for automated information systems in Federal agencies.

SSA Sensitive Data
SSA sensitive data includes any data from SSA's administrative records that might compromise the
anonymity or privacy of individuals. It also includes any variables or fields derived from our administrative

CHANGE to program

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 6 of 10

records, including linked or matched variables. The major sources of SSA administrative data are, but are
not limited to, the following systems of records:

CHANGE to program

Master Beneficiary Record (MBR)
Payment file from which Social Security checks are paid. The MBR contains information on
Title II beneficiaries, such as payment status, type and amount;
Supplemental Security Record (SSR)
Payment file from which Social Security Income (SSI) checks are paid. The SSR contains
information on Title XVI beneficiaries, such as payment status, type and amount;

DELETE 831 Disability File
...DELET
This file contains medical determinations made by the Disability Determination Services (DDS)
E...DEL
for Social Security and SSI claims;
ETE
DELETE Completed Determination Record (also known as the Disability Control File or DCF)
...DELET
This file contains information on allowed disability claimants (both Title II and Title XVI) on which
a continuing disability review has occurred and a decision of continuance or cessation has been
E...DEL
approved;
ETE
NUMIDENT
Master file of assigned Social Security Numbers (SSNs). This file contains identifying information
given by the applicant for an SSN and most of the vital status data that SSA provides health
researchers through its epidemiological service, including state of residence and date of death;
and
Master Earnings File (MEF)
This file contains workers' earnings records and information on the individual's entire work
experience.

Your SSA Data Protection Plan must include:
1. Security/Physical Safeguards of the Computing Environment.
SSA requires that you use a self-contained Local Area Network (LAN) or a stand-alone
computer(s) because of the potential security problems that can occur in timesharing mainframes
or LANs. If you do use a timesharing platform, be very specific in describing the security and
safeguards that you will use to protect our data.
Provide a detailed description of the security/physical safeguards of the computing environment in which
you will be managing and analyzing the data. For each item of the computing equipment you will be using
(CPU, tape drives, printers, etc.), describe:
a. Where they are located;
b. Who has physical access to them;
c. The security provisions that restrict access to only authorized users of the data on the
system(s) you will be using, such as locked doors, locks on equipment, passwords, encryption,
etc.;
d. The routine procedures for making backup copies of data files on tape or disk;
e. The system as a whole as well as your terminal;

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 7 of 10

f. The access system administrators have to files and passwords [For shared file systems
only];
g. The audit trails which you maintain to identify users, authenticate users, and trace users'
actions on your system. This enables you to maintain individual accountability of all data users.
2. Restricted Access—Fixed Storage Media
Provide a detailed description of how you will restrict access (e.g., password protection) to hard disk or
other electromagnetic, optical or similar fixed storage device files containing the data. Indicate the kind of
storage data you will be using and describe:
a. Where the storage devices to be used are physically located;
b. How you will restrict physical access to only authorized persons;
c. How you will restrict access to the contents of hard disk and similar storage device files to only
authorized persons, such as through a system of encryption and/or passwords;
d. How you will restrict access to files to which only authorized users have "read" and "write"
permission;
e. How you will prevent routine system backups of hard disk and similar storage device files,
regardless of type of backup medium;
f. How you will prevent access to files by system administrators [For shared file systems only];
g. Clearly in your Plan that no more than one backup copy will be made of any hard disk or
similar storage device file containing the data;
h. When (on or before the date on which your authorized access to the data expires) and how all
such copies will be destroyed.
3. Restricted Access—Removable Storage Media
Provide a detailed description of how you will restrict access to compact disks, diskettes, and other
removable electromagnetic or optical storage media files. We strongly recommend against the use of
removable media for data storage. If used, describe:
a. How you will use removable media data storage;
b. Where the removable media to be used will be physically located;
c. How physical access to them is to be restricted to only authorized persons, including
provisions for storage in locked cabinets when not in use;
d. Which mechanisms will be used to ensure that only authorized persons will be able to mount
and read removable media; and
e. Which mechanisms (e.g., computing systems that require the use of keywords or labels known
only to the owner of the removable medium, to mount the medium) will be used to ensure that
only authorized persons will be able to mount and read removable media handled by a central
system [For shared file systems only].
4. Printed Output
Provide a detailed description of how you will restrict access to paper printouts containing SSA data. SSA
strongly recommends against the creation of any paper printouts of its data. If used, describe:
a. The uses that will be made of such printouts;
b. The reasons why no other media can be used for the same purpose;
c. The means by which you will ensure that such printouts are handled by authorized persons
only;
d. How they will be kept in locked storage, accessible only to authorized persons when not in
use;
e. How they will be kept from the vision and reach of unauthorized persons when they are in use;
and

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 8 of 10

f. How they will be destroyed (e.g., made unreadable through burning or shredding) after
completing any analysis.
5. Derivations of SSA Data
Provide a clear and detailed statement that you will treat all derived SSA data in the same manner as the
original SSA data, and that you understand that derived SSA data includes, but is not limited to:
• Subsets of cases or variables from the original data;
• Numerical or other transformations of one or more variables from the original data, including
sums, means, logarithms, or products of formulas; or
• Variables linked to another dataset using variables from the original data as linkage variables.
NOTE: Aggregated statistical summaries and analyses of the original data, such as tables and regression
formulas, are not "derived variables" and, unless otherwise specified in the MOA, are not subject to the
requirements of your plan. DELETE
6. Linkages to Other Data
Provide a clear and detailed statement that you will not link any other data to the original data specified in
the MOA. Your statement must also include recognition that you will not link the original data or derived
dataset(s) to any other SSA dataset(s) without our explicit written permission. CHANGE TO: Reimbursable

Agreement

7. Training for Individuals Who Will Have Access to Confidential Data
All individuals who will have access to SSA data in identifiable form must understand the security and
safeguard provisions required to assure the confidentiality of SSA data. Explain how you will train these
individuals so they are familiar with the safeguarding provisions in your data protection plan. In addition,
they will be required to sign a Confidentiality Statement .

DELETE Explanatory Notes
DELETE

Authorized Persons
Authorized persons include the Custodian(s), the Principal Investigator(s), and any other
persons or data users designated in the Memorandum of Agreement (MOA) and support
documentation.

DELETE

SSA Sensitive Data
SSA sensitive data contains identifiable personal information and information meant to be kept
confidential as covered under SSA Regulation No. 1, the Privacy Act of 1974, the Tax Reform
Act of 1976, and Section 1106 of the Social Security Act of 1974.

DELETE

Title II
Provision of the Social Security Act. Title II is an insurance program. It was enacted in 1935 to
provide old age, survivor, and disability benefits to insured individuals irrespective of financial
need. [See 42 U.S.C. Sections 403, 423 (1982 ed. and Supp. III).]

DELETE

Title XVI
Provision of the Social Security Act. Title XVI is a welfare program. It was enacted in 1972 to
provide Social Security Income (SSI) benefits to financially needy individuals who are aged,
blind, or disabled regardless of their insured status. [See 42 U.S.C. Sections 1382(a) (1982 ed.
and Supp. III).]

DELETE

Encrypted SSA Data

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Data o... Page 9 of 10

DELETE

DELETE

Where encryption is needed, encrypt SSA data using the Digital Encryption Standard, the only
data encryption standard approved by the National Institute of Standards and Technology (NIST)
for use by Federal agencies at this time.
Faxing Data to SSA
We prefer that you not fax data to SSA. However, if you do fax data to SSA data, documents
must be properly labeled, the fax telephone number must be verified, and an authorized person
must be at the fax machine prior to sending the document.

DELETE

E-mailing Data to SSA
We prefer that you not e-mail data to SSA. However, if you do e-mail data to SSA, it must be
encrypted as an attachment to the mail message and sent to an authorized person only.

DELETE

Protected Communications
We prefer that you electronically transmit data to SSA over external networks or dedicated lines
that is encrypted and an authorized person must be at the receiving end prior to the
transmission.

DELETE

Acceptable Delivery of Data to SSA
We prefer that you deliver data to SSA only to authorized personnel and by delivery services that
provide tracing services such as certified mail, priority mail or Federal Express. We recommend
that all packages be properly sealed, labeled and reinforced, and enclosed with a list of the
contents being sent.

DELETE

Destruction of SSA Data
All SSA data not returned must be destroyed by the end of the project date as described in the
MOA. SSA data can be destroyed by burning or shredding. If the data are burned, use EPAapproved public incinerators to burn it and examine ash residue and re-burn if any large pieces
are not totally destroyed the first time. If the data are shredded, use shredders that reduce
residue particle size to 3/16 of an inch or less in width.

DELETE

Clearing Magnetic Media
Magnetic media (tapes, disks, hard drives) containing SSA data must be destroyed or erased
prior to reuse. To erase, overwrite SSA data a minimum of three times with a commercial disk
utility program. If you are unable to overwrite, degauss using a commercial degausser.

DELETE

Proper Labeling
All stored or transferred SSA data, electronic or non-electronic, must be labeled "DISCLOSURE
PROHIBITED—THIS CONTAINS SENSITIVE INFORMATION—SSA RESTRICTED DATA."

Where to Send
Send your completed SSA Data Protection Plan to:
Office of Research, Evaluation, and Statistics (ORES)
Social Security Administration
Attn: Office of Data Development
4-C-15 Operations/ c/o 4th Floor Meadows East Building

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013

Research, Statistics, & Policy Analysis: Service to Epidemiological Researchers to Provide Vital Status Dat... Page 10 of 10

6401 Security Boulevard
Baltimore, Maryland 21235
AND

DELETE

For Requesting SSA Program Data for Research
Email the completed SSA Data Protection Plan electronically to ores.research.requests@ssa.gov
For Requesting Vital Status (Epidemiological) Data
Email the completed SSA Data Protection Plan electronically to
ores.epidemiological.requests@ssa.gov

Confidentiality Agreement
All individuals who will have access to SSA data on the "presumed living" in identifiable form must sign
and date the Confidentiality Agreement .

http://www.socialsecurity.gov/policy/about/epidemiology.html

10/23/2013


File Typeapplication/pdf
File Titlehttp://www.socialsecurity.gov/
Author177717
File Modified2014-01-08
File Created2013-10-23

© 2024 OMB.report | Privacy Policy